CN106412915A - Pseudo-wireless access point identification method and system - Google Patents

Pseudo-wireless access point identification method and system Download PDF

Info

Publication number
CN106412915A
CN106412915A CN201610932098.3A CN201610932098A CN106412915A CN 106412915 A CN106412915 A CN 106412915A CN 201610932098 A CN201610932098 A CN 201610932098A CN 106412915 A CN106412915 A CN 106412915A
Authority
CN
China
Prior art keywords
wap
file
file destination
electronic equipment
pseudo
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610932098.3A
Other languages
Chinese (zh)
Inventor
田永胜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Original Assignee
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yulong Computer Telecommunication Scientific Shenzhen Co Ltd filed Critical Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority to CN201610932098.3A priority Critical patent/CN106412915A/en
Priority to US16/345,352 priority patent/US11019496B2/en
Priority to PCT/CN2016/113631 priority patent/WO2018076539A1/en
Publication of CN106412915A publication Critical patent/CN106412915A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/30Connection release
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/08Access point devices

Abstract

The present invention provides a pseudo-wireless access point identification method, and is applied to the electronic device. The method comprises: when the electronic device is connected with a wireless network through the wireless access point, monitoring whether the file operation has abnormal operation or not; when the file operation has the abnormal operation, determining that the wireless access point is the pseudo-wireless access point; and executing an early warning instruction. The present invention further provides a pseudo-wireless access point identification system. The pseudo-wireless access point identification method and system can timely discover the fishing wireless access point and prevent user' privacy and property from loss.

Description

Pseudo- WAP recognition methods and system
Technical field
The present invention relates to radio network technique field, the more particularly, to a kind of WAP recognition methods of puppet and system.
Background technology
Electronic equipment is much equipped with WAP option at present.User can connect WAP heat whenever and wherever possible Point enjoys a trip to network world, but unique people wirelessly can be connect by the WAP configuration foundation fishing in electronic equipment Access point, lures that user connects into, thus stealing individual subscriber privacy, the photo such as in acquisition electronic equipment, contact person, finance are related Information of application etc..User basically can not discover.User only could the company of discovery after the wealth such as Net silver are illegally shifted Take over fishing WAP.
Content of the invention
In view of the foregoing it is necessary to provide a kind of WAP recognition methods of puppet and system, can find in time to go fishing WAP, prevents the privacy of user and property from having loss.
A kind of WAP recognition methods of puppet, is applied in electronic equipment, methods described includes:
After described electronic equipment connects wireless network by WAP, whether monitoring file operation has abnormal behaviour Make;
When described file operation has abnormal operation, determine that described WAP is pseudo- WAP;And
Execution alarm command.
According to the preferred embodiment of the present invention, described file operation include following one or more:File destination is corresponding Operation and generation new file operation, described file destination includes the file related to privacy of user or property safety, described target The corresponding operation of file include following any one or multiple:To the modification operation of described file destination, read operation and write operation.
According to the preferred embodiment of the present invention, described abnormal operation include following one or more:
The operation that described file destination corresponding priority assignation data is modified;
The size of the described file destination being read or write in the read operation to described file destination or write operation is more than or waits In preset value;
Do not meet default naming rule generating the new file generated in new file operation.
According to the preferred embodiment of the present invention, described alarm command include following one or more:
Exit the logon account of all application programs in described electronic equipment;
Freeze the operation being associated with described file destination;
Disconnect the connection with described WAP;
WAP described in prompting user is pseudo- WAP;
Forbid the secure digital card in electronic equipment described in any operational access.
A kind of puppet WAP identifying system, runs in electronic equipment, described system includes:
Monitoring modular, for connecting after wireless network by WAP when described electronic equipment, monitors file operation Whether there is abnormal operation;
Determining module, for when described file operation has abnormal operation, determining that described WAP wirelessly connects for puppet Access point;And
Warning module, for executing alarm command.
According to the preferred embodiment of the present invention, described file operation include following one or more:File destination is corresponding Operation and generation new file operation, described file destination includes the file related to privacy of user or property safety, described target The corresponding operation of file include following any one or multiple:To the modification operation of described file destination, read operation and write operation.
According to the preferred embodiment of the present invention, described abnormal operation specifically include following one or more:
The operation that described file destination corresponding priority assignation data is modified;
The size of the described file destination being read or write in the read operation to described file destination or write operation is more than or waits In preset value;
Do not meet default naming rule generating the new file generated in new file operation.
According to the preferred embodiment of the present invention, described warning module be used for executing alarm command include following a kind of or many Kind:
Exit the logon account of all application programs in described electronic equipment;
Freeze the operation being associated with described file destination;
Disconnect the connection with described WAP;
WAP described in prompting user is pseudo- WAP;
Forbid the secure digital card in electronic equipment described in any operational access.
As can be seen from the above technical solutions, the present invention passes through to monitor whether file operation has abnormal operation, when described literary composition When part operation has abnormal operation, determine that the WAP that described electronic equipment is accessed is pseudo- WAP, and execute pre- If alarm command.Therefore, the present invention can find WAP of going fishing in time, prevents the privacy of user and property from having loss.
Brief description
Fig. 1 is the flow chart of the preferred embodiment of present invention puppet WAP recognition methods.
Fig. 2 is the structural representation of the electronic equipment of preferred embodiment that the present invention realizes pseudo- WAP recognition methods Figure.
Fig. 3 is the functional block diagram of the embodiment of present invention puppet WAP identifying system.
Main element symbol description
Electronic equipment 1
Storage device 12
Processing equipment 13
Pseudo- WAP identifying system 11
Monitoring modular 100
Determining module 101
Warning module 102
Specific embodiment
In order that the object, technical solutions and advantages of the present invention are clearer, below in conjunction with the accompanying drawings with specific embodiment pair The present invention is described in detail.
As shown in figure 1, being the flow chart of present invention puppet WAP recognition methods preferred embodiment.According to different need Ask, in this flow chart, the order of step can change, some steps can be omitted.
Preferably, the pseudo- WAP recognition methods of the present invention can be applied in multiple electronic equipments.Described electronics Equipment be a kind of can automatically carry out the equipment of numerical computations and/or information processing according to the instruction being previously set or store, its Hardware includes but is not limited to microprocessor, special IC (Application Specific Integrated Circuit, ASIC), programmable gate array (Field-Programmable Gate Array, FPGA), digital processing unit (Digital Signal Processor, DSP), embedded device etc..
Described electronic equipment can also be that any one can carry out the electronic product of man-machine interaction with user, for example, personal Computer, panel computer, smart mobile phone, personal digital assistant (Personal Digital Assistant, PDA), game machine, IPTV (Internet Protocol Television, IPTV), intellectual Wearable etc..
S10, after described electronic equipment connects wireless network by WAP, described electronic equipment monitoring file behaviour Whether there is abnormal operation.
In one embodiment of the invention, described electronic equipment includes Miscellaneous Documents, such as picture, video, various application The installation file of program, various configuration file etc..Described WAP includes, but are not limited to:Wi-Fi access point.
In one embodiment of the invention, described file operation include following one or more:File destination corresponds to Operation and generate new file operation.Described file destination includes the file related to privacy of user or property safety.Described mesh Mark file includes:But it is not limited to, picture, video, cookies file, configuration file of application program etc..Described file destination Can be one or more.The corresponding operation of described file destination include following any one or multiple:To described target literary composition The modification operation of part, read operation and write operation etc..
In one embodiment of the invention, described electronic equipment according to prefixed time interval travel through described file operation with Monitor whether described file operation has abnormal operation.
In one embodiment of the invention, can be by judging the modification operation to described file destination, reading or writing behaviour Whether there is exception, generate whether the new file generated in new file operation has exception to judge whether file operation has exception Operation.
S11, when described file operation has abnormal operation, described electronic equipment determines that described WAP is pseudo- wireless Access point.
In one embodiment of the invention, described abnormal operation specifically include following one or more:
(1) operation that described file destination corresponding priority assignation data is modified.
In one embodiment of the invention, for example, rogue program is to described file destination corresponding priority assignation data The operation modified.Rogue program typically refers to the one section of program write with attack intension, and described rogue program is main Including:Trapdoor, logic bomb, Trojan Horse, worm, bacterium, virus etc..Priority assignation data includes access rights, reading Authority, editing authority, modification authority etc. setting data related to authority.
(2) size of the described file destination being read or write in the read operation to described file destination or write operation be more than or Equal to preset value.
In one embodiment of the invention, preset when the size of the described file destination being read or write is more than or equal to Value, represents that substantial amounts of file destination is read or write, may have threat to the privacy of user and property.
(3) new file generated in generation new file operation does not meet default naming rule.Described default name rule Then setting and/or the system setting according to electronic equipment are accustomed to according to user.
Therefore, when described electronic equipment detects described middle file operation and has one or more operations above-mentioned, then institute State electronic equipment and determine that described file operation has abnormal operation.
S12, described electronic equipment executes alarm command.
In one embodiment of the invention, described electronic equipment execution alarm command include following one or more:
(1) exit the logon account of all application programs in described electronic equipment.
(2) freeze the operation being associated with described file destination.As read or write, duplication operation etc..
In one embodiment of the invention, after the operation freezing to be associated with described file destination, receive user During the defrosting instruction of the operation associated to described file destination, the operation that described file destination is associated is thawed.
(3) disconnect the connection with described WAP.
In one embodiment of the invention, described electronic equipment first exits all application programs in described electronic equipment Logon account, then disconnect the connection with described WAP.If WAP exits again described in first disconnection of wireless network In described electronic equipment during the logon account of all application programs, the network data of caching then will not be cleared, and will lead to malice Program can continue to manipulate described electronic equipment.
(4) WAP described in prompting user is pseudo- WAP.
In one embodiment of the invention, pointing out described WAP in modes such as sound, vibrations, interfaces is pseudo- nothing Line access point.
(5) forbid safety digit (Secure Digital, SD) card in electronic equipment described in any operational access.
The present invention passes through to monitor whether file operation has abnormal operation, when described file operation has abnormal operation, determines The WAP that described electronic equipment is accessed is pseudo- WAP, and executes alarm command.Therefore, the present invention can be timely Find fishing WAP, prevent the privacy of user and property from having loss.
As shown in Fig. 2 Fig. 2 is the electronic equipment of the preferred embodiment of the pseudo- WAP recognition methods of present invention realization Structural representation.Described electronic equipment 1 includes storage device 12 and processing equipment 13.
Described electronic equipment 1 also includes but is not limited to any one and can pass through keyboard, mouse, remote control, touch with user The mode such as plate or voice-operated device carries out the electronic product of man-machine interaction, for example, personal computer, panel computer, smart mobile phone, individual Personal digital assistant (Personal Digital Assistant, PDA), game machine, IPTV (Internet Protocol Television, IPTV), intellectual Wearable etc..Network residing for described electronic equipment 1 include but not It is limited to internet, wide area network, Metropolitan Area Network (MAN), LAN, VPN (Virtual Private Network, VPN) etc..
Described storage device 12 is used for storing a kind of program of puppet WAP recognition methods and various data, and in institute The access state and realize high speed in electronic equipment 1 running, being automatically completed program or data.Described storage device 12 can be The External memory equipment of electronic equipment 1 and/or internal storage device.Further, described storage device 12 can be integrated electricity There is no the circuit with store function of physical form, such as RAM (Random-Access Memory, random access memory in road Equipment), FIFO (FirstIn First Out) etc..Or, described storage device 12 can also be to have depositing of physical form Storage equipment, such as memory bar, TF card (Trans-flash Card) etc..
Described processing equipment 13, also known as central processing unit (CPU, Central Processing Unit), is one piece of super large The integrated circuit of scale, is arithmetic core (Core) and the control core (Control Unit) of electronic equipment 1.Described process sets The types of applications program of standby 13 operating systems that can perform described electronic equipment 1 and installation, program code etc., for example pseudo- wireless Access point recognition system 11.
As shown in figure 3, the functional block diagram of the embodiment of present invention puppet WAP identifying system.Described puppet wirelessly connects Access point identifying system 11 includes monitoring modular 100, determining module 101 and warning module 102.Module alleged by the present invention refers to one Plant the series of computation machine program segment that can be processed performed by equipment 13 and can complete fixing function, it is stored in storage In equipment 12.In the present embodiment, the function with regard to each module will describe in detail in follow-up embodiment.
After described electronic equipment 1 connects wireless network by WAP, described monitoring modular 100 monitoring file behaviour Whether there is abnormal operation.
In one embodiment of the invention, described electronic equipment 1 includes Miscellaneous Documents, such as picture, video, various application The installation file of program, various configuration file etc..Described WAP includes, but are not limited to:Wi-Fi access point.
In one embodiment of the invention, described file operation include following one or more:File destination corresponds to Operation and generate new file operation.Described file destination includes the file related to privacy of user or property safety.Described mesh Mark file includes:But it is not limited to, picture, video, cookies file, configuration file of application program etc..Described file destination Can be one or more.The corresponding operation of described file destination include following any one or multiple:To described target literary composition The modification operation of part, read operation and write operation etc..
In one embodiment of the invention, described monitoring modular 100 travels through described literary composition according to prefixed time interval Part operates to monitor whether described file operation has abnormal operation.
In one embodiment of the invention, described monitoring modular 100 can be by judging described file destination is repaiied Change operation, whether read or write has exception, generate whether the new file generated in new file operation has extremely to judge State whether file operation in file management folder has abnormal operation.
When described file operation has abnormal operation, described determining module 101 determines that described WAP is pseudo- wireless Access point.
In one embodiment of the invention, described abnormal operation specifically include following one or more:
(1) operation that described file destination corresponding priority assignation data is modified.
In one embodiment of the invention, for example, rogue program is to described file destination corresponding priority assignation data The operation modified.Rogue program typically refers to the one section of program write with attack intension, and described rogue program is main Including:Trapdoor, logic bomb, Trojan Horse, worm, bacterium, virus etc..Priority assignation data includes access rights, reading Authority, editing authority, modification authority etc. setting data related to authority.
(2) size of the described file destination being read or write in the read operation to described file destination or write operation be more than or Equal to preset value.
In one embodiment of the invention, preset when the size of the described file destination being read or write is more than or equal to Value, represents that substantial amounts of described file destination is read or write, may have threat to the privacy of user and property.
(3) new file generated in generation new file operation does not meet default naming rule.Described default name rule Then setting and/or the system setting according to electronic equipment are accustomed to according to user.
Therefore, when described determining module 101 detect file operation in described file management folder have above-mentioned a kind of or many When planting operation, then described determining module 101 determines that described file operation has abnormal operation.
Described warning module 102 executes alarm command.
In one embodiment of the invention, described warning module 102 execution alarm command include following a kind of or many Kind:
(1) exit the logon account of all application programs in described electronic equipment.
(2) freeze the operation being associated with described file destination.As read or write, duplication operation etc..
In one embodiment of the invention, after the operation freezing to be associated with described file destination, receive user During the defrosting instruction of the operation associated to described file destination, the operation that described file destination is associated is thawed.
(3) disconnect the connection with described WAP.
In one embodiment of the invention, described electronic equipment first exits all application programs in described electronic equipment Logon account, then disconnect the connection with described WAP.If WAP exits again described in first disconnection of wireless network In described electronic equipment during the logon account of all application programs, the network data of caching then will not be cleared, and will lead to malice Program can continue to manipulate described electronic equipment.
(4) WAP described in prompting user is pseudo- WAP.
In one embodiment of the invention, pointing out described WAP in modes such as sound, vibrations, interfaces is pseudo- nothing Line access point.
(5) forbid the secure digital card in electronic equipment described in any operational access, i.e. sdcard (SD) card.
The present invention passes through to monitor whether file operation has abnormal operation, when described file operation has abnormal operation, determines The WAP that described electronic equipment is accessed is pseudo- WAP, and executes alarm command.Therefore, the present invention can be timely Find fishing WAP, prevent the privacy of user and property from having loss.
The above-mentioned integrated unit realized in the form of software function module, can be stored in an embodied on computer readable and deposit In storage media.Above-mentioned software function module is stored in a storage medium, including some instructions with so that a computer Equipment (can be personal computer, server, or network equipment etc.) or processor (processor) execution the present invention each The part steps of embodiment methods described.
In conjunction with Fig. 1, the described storage device 12 storage multiple instruction in described electronic equipment 1 is wirelessly connect with realizing a kind of puppet Access point recognition methods, described processing equipment 13 can perform the plurality of instruction thus realizing:When described electronic equipment passes through wirelessly After access point connects wireless network, whether monitoring file operation has abnormal operation;When described file operation has abnormal operation, really Fixed described WAP is pseudo- WAP;And execution alarm command.
According to the preferred embodiment of the present invention, described file operation include following one or more:File destination is corresponding Operation and generation new file operation, described file destination includes the file related to privacy of user or property safety, described target The corresponding operation of file include following any one or multiple:To the modification operation of described file destination, read operation and write operation.
According to the preferred embodiment of the present invention, described abnormal operation specifically include following one or more:
(1) operation that described file destination corresponding priority assignation data is modified;
(2) size of the described file destination being read or write in the read operation to described file destination or write operation be more than or Equal to preset value;
(3) new file generated in generation new file operation does not meet default naming rule.
According to the preferred embodiment of the present invention, described processing equipment 13 also execute with give an order including:
(1) exit the logon account of all application programs in described electronic equipment;
(2) freeze the operation being associated with described file destination;
(3) disconnect the connection with described WAP;
(4) WAP described in prompting user is pseudo- WAP;
(5) forbid the secure digital card in electronic equipment described in any operational access.
Specifically, described processing equipment 13 refers to phase in the corresponding embodiment of Fig. 1 to the concrete methods of realizing of above-mentioned instruction Close the description of step, will not be described here.It should be understood that disclosed system in several embodiments provided by the present invention, Apparatus and method, can realize by another way.For example, device embodiment described above is only schematically, For example, the division of described module, only a kind of division of logic function, actual can have other dividing mode when realizing.
The described module illustrating as separating component can be or may not be physically separate, show as module The part showing can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple On NE.The mesh to realize this embodiment scheme for some or all of module therein can be selected according to the actual needs 's.
In addition, can be integrated in a processing unit in each functional module in each embodiment of the present invention it is also possible to It is that unit is individually physically present it is also possible to two or more units are integrated in a unit.Above-mentioned integrated list Unit both can be to be realized in the form of hardware, it would however also be possible to employ the form that hardware adds software function module is realized.
It is obvious to a person skilled in the art that the invention is not restricted to the details of above-mentioned one exemplary embodiment, Er Qie In the case of the spirit or essential attributes of the present invention, the present invention can be realized in other specific forms.Therefore, no matter From the point of view of which point, embodiment all should be regarded as exemplary, and be nonrestrictive, the scope of the present invention is by appended power Profit requires rather than described above limits, it is intended that all in the implication and scope of the equivalency of claim by falling Change is included in the present invention.Any attached associated diagram mark in claim should not be considered as the involved right of restriction will Ask.Furthermore, it is to be understood that " inclusion " one word is not excluded for other units or step, odd number is not excluded for plural number.State in system claims Multiple units or device can also be realized by software or hardware by a unit or device.Second grade word is used for table Show title, and be not offered as any specific order.
Finally it should be noted that above example is only in order to illustrate technical scheme and unrestricted, although reference Preferred embodiment has been described in detail to the present invention, it will be understood by those within the art that, can be to the present invention's Technical scheme is modified or equivalent, without deviating from the spirit and scope of technical solution of the present invention.

Claims (8)

1. a kind of WAP recognition methods of puppet, is applied in electronic equipment it is characterised in that methods described includes:
After described electronic equipment connects wireless network by WAP, whether monitoring file operation has abnormal operation;
When described file operation has abnormal operation, determine that described WAP is pseudo- WAP;And
Execution alarm command.
2. puppet as claimed in claim 1 WAP recognition methods is it is characterised in that described file operation is included with next Plant or multiple:The corresponding operation of file destination and generation new file operation, described file destination includes and privacy of user or wealth Produce safety-related file, the corresponding operation of described file destination include following any one or multiple:To described file destination Modification operation, read operation and write operation.
3. puppet as claimed in claim 2 WAP recognition methods is it is characterised in that described abnormal operation is included with next Plant or multiple:
The operation that described file destination corresponding priority assignation data is modified;
The size of the described file destination being read or write in the read operation to described file destination or write operation is more than or equal to pre- If value;
Do not meet default naming rule generating the new file generated in new file operation.
4. puppet as claimed in claim 1 WAP recognition methods is it is characterised in that described alarm command is included with next Plant or multiple:
Exit the logon account of all application programs in described electronic equipment;
Freeze the operation being associated with described file destination;
Disconnect the connection with described WAP;
WAP described in prompting user is pseudo- WAP;
Forbid the secure digital card in electronic equipment described in any operational access.
5. a kind of puppet WAP identifying system, runs in electronic equipment it is characterised in that described system includes:
Monitoring modular, for connecting after wireless network when described electronic equipment by WAP, whether monitoring file operation There is abnormal operation;
Determining module, for when described file operation has abnormal operation, determining that described WAP is pseudo- WAP; And
Warning module, for executing alarm command.
6. puppet WAP identifying system as claimed in claim 5 is it is characterised in that described file operation is included with next Plant or multiple:The corresponding operation of file destination and generation new file operation, described file destination includes and privacy of user or wealth Produce safety-related file, the corresponding operation of described file destination include following any one or multiple:To described file destination Modification operation, read operation and write operation.
7. as claimed in claim 6 puppet WAP identifying system it is characterised in that described abnormal operation specifically include with Descend one or more:
The operation that described file destination corresponding priority assignation data is modified;
The size of the described file destination being read or write in the read operation to described file destination or write operation is more than or equal to pre- If value;
Do not meet default naming rule generating the new file generated in new file operation.
8. puppet WAP identifying system as claimed in claim 5 it is characterised in that described warning module be used for executing pre- Alert instruction include following one or more:
Exit the logon account of all application programs in described electronic equipment;
Freeze the operation being associated with described file destination;
Disconnect the connection with described WAP;
WAP described in prompting user is pseudo- WAP;
Forbid the secure digital card in electronic equipment described in any operational access.
CN201610932098.3A 2016-10-31 2016-10-31 Pseudo-wireless access point identification method and system Pending CN106412915A (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201610932098.3A CN106412915A (en) 2016-10-31 2016-10-31 Pseudo-wireless access point identification method and system
US16/345,352 US11019496B2 (en) 2016-10-31 2016-12-30 Method and electronic device for identifying a pseudo wireless access point
PCT/CN2016/113631 WO2018076539A1 (en) 2016-10-31 2016-12-30 Method and system for identifying rogue wireless access point

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610932098.3A CN106412915A (en) 2016-10-31 2016-10-31 Pseudo-wireless access point identification method and system

Publications (1)

Publication Number Publication Date
CN106412915A true CN106412915A (en) 2017-02-15

Family

ID=58012525

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610932098.3A Pending CN106412915A (en) 2016-10-31 2016-10-31 Pseudo-wireless access point identification method and system

Country Status (3)

Country Link
US (1) US11019496B2 (en)
CN (1) CN106412915A (en)
WO (1) WO2018076539A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104639522B (en) * 2013-11-15 2018-12-14 华为终端(东莞)有限公司 A kind of method for network access control and device
US20230129553A1 (en) * 2021-10-27 2023-04-27 Hewlett Packard Enterprise Development Lp Broadcast of intrusion detection information

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1737722A (en) * 2005-08-03 2006-02-22 珠海金山软件股份有限公司 System and method for detecting and defending computer worm
CN104113842A (en) * 2014-07-31 2014-10-22 北京金山安全软件有限公司 Method, device, server and mobile terminal for identifying pseudo wireless network access point
CN104135561A (en) * 2013-07-08 2014-11-05 腾讯科技(深圳)有限公司 Method and device of reminding user of flow of terminal as well as terminal
US20150139211A1 (en) * 2013-11-19 2015-05-21 Huawei Technologies Co., Ltd. Method, Apparatus, and System for Detecting Rogue Wireless Access Point
CN105009510A (en) * 2013-03-13 2015-10-28 高通股份有限公司 Method and apparatus for wireless device countermeasures against malicious infrastructure
CN105554762A (en) * 2015-12-10 2016-05-04 广东工业大学 RSS-based wireless spoofing attack positioning method
CN105873068A (en) * 2016-06-17 2016-08-17 珠海市魅族科技有限公司 Pseudo base station identification method and device

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2479166A1 (en) * 2002-03-27 2003-10-09 International Business Machines Corporation Methods apparatus and program products for wireless access points
US7058796B2 (en) * 2002-05-20 2006-06-06 Airdefense, Inc. Method and system for actively defending a wireless LAN against attacks
US7069024B2 (en) * 2003-10-31 2006-06-27 Symbol Technologies, Inc. System and method for determining location of rogue wireless access point
CA2807829C (en) * 2004-11-04 2017-10-10 Topeer Corporation System and method for creating a secure trusted social network
US20070039043A1 (en) * 2005-08-11 2007-02-15 Sbc Knowledge Ventures L.P. Distributed global log off for a single sign-on account
US20070186276A1 (en) * 2006-02-09 2007-08-09 Mcrae Matthew Auto-detection and notification of access point identity theft
US7865717B2 (en) * 2006-07-18 2011-01-04 Motorola, Inc. Method and apparatus for dynamic, seamless security in communication protocols
US8069483B1 (en) * 2006-10-19 2011-11-29 The United States States of America as represented by the Director of the National Security Agency Device for and method of wireless intrusion detection
US7991877B2 (en) * 2007-10-05 2011-08-02 International Business Machines Corporation Rogue router hunter
US20100074112A1 (en) * 2008-09-25 2010-03-25 Battelle Energy Alliance, Llc Network traffic monitoring devices and monitoring systems, and associated methods
US8750267B2 (en) * 2009-01-05 2014-06-10 Qualcomm Incorporated Detection of falsified wireless access points
WO2010150052A2 (en) * 2009-06-24 2010-12-29 Nokia Corporation Methods and apparatuses for avoiding denial of service attacks by rogue access points
US9137255B2 (en) * 2011-06-30 2015-09-15 Marvell World Trade Ltd. Verifying server identity
US9432402B1 (en) * 2011-09-06 2016-08-30 Utility Associates, Inc. System and method for uploading files to servers utilizing GPS routing
JP5576568B2 (en) * 2011-09-30 2014-08-20 インターナショナル・ビジネス・マシーンズ・コーポレーション Monitoring system, monitoring server, method and program for monitoring unauthorized access points
US8949993B2 (en) * 2011-10-17 2015-02-03 Mcafee Inc. Mobile risk assessment
EP2600648A1 (en) * 2011-11-30 2013-06-05 British Telecommunications public limited company Rogue access point detection
US8818892B1 (en) * 2013-03-15 2014-08-26 Palantir Technologies, Inc. Prioritizing data clusters with customizable scoring strategies
US20160112871A1 (en) * 2014-10-17 2016-04-21 Christopher Jules White Method and Systems for Placing Physical Boundaries on Information Access/Storage, Transmission and Computation of Mobile Devices
CN105636048B (en) * 2014-11-04 2021-02-09 中兴通讯股份有限公司 Terminal and method and device for identifying pseudo base station
CN105704718A (en) * 2014-11-25 2016-06-22 中兴通讯股份有限公司 Method and device for identifying pseudo base stations
US9609517B2 (en) * 2014-12-19 2017-03-28 Intel Corporation Cooperative security in wireless sensor networks

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1737722A (en) * 2005-08-03 2006-02-22 珠海金山软件股份有限公司 System and method for detecting and defending computer worm
CN105009510A (en) * 2013-03-13 2015-10-28 高通股份有限公司 Method and apparatus for wireless device countermeasures against malicious infrastructure
CN104135561A (en) * 2013-07-08 2014-11-05 腾讯科技(深圳)有限公司 Method and device of reminding user of flow of terminal as well as terminal
US20150139211A1 (en) * 2013-11-19 2015-05-21 Huawei Technologies Co., Ltd. Method, Apparatus, and System for Detecting Rogue Wireless Access Point
CN104113842A (en) * 2014-07-31 2014-10-22 北京金山安全软件有限公司 Method, device, server and mobile terminal for identifying pseudo wireless network access point
CN105554762A (en) * 2015-12-10 2016-05-04 广东工业大学 RSS-based wireless spoofing attack positioning method
CN105873068A (en) * 2016-06-17 2016-08-17 珠海市魅族科技有限公司 Pseudo base station identification method and device

Also Published As

Publication number Publication date
US11019496B2 (en) 2021-05-25
WO2018076539A1 (en) 2018-05-03
US20190251285A1 (en) 2019-08-15

Similar Documents

Publication Publication Date Title
JP2022160702A (en) IoT Security Service
CN103268455B (en) The access method of data and device
CN105630847B (en) Date storage method, data query method, apparatus and system
CN103116723A (en) Method, device and system of web site interception process
CN105553975A (en) Method for providing network service, device and system
CN106462137A (en) A system and method for securing an industrial control system
CN105426748B (en) A kind of update method and equipment of rule file
CN102510400A (en) Method, apparatus and equipment used for determining user suspectableness degree
CN101102259A (en) Network access control system and its method
CN104615787B (en) A kind of update interface display method and device
CN112468409A (en) Access control method, device, computer equipment and storage medium
CN111694841A (en) Order mark generation method, device, server and storage medium
CN108881230A (en) A kind of safe transmission method and device of government affairs big data
CN106412915A (en) Pseudo-wireless access point identification method and system
CN114095567A (en) Data access request processing method and device, computer equipment and medium
CN111275599A (en) Big data integration algorithm-based group rental house early warning method and device, storage medium and terminal
CN105323145A (en) Malicious information identification method, device and system
CN104461741B (en) Graphics device interface based computing device optimizing method and device
CN101626497A (en) Alarm linkage method and alarm linkage device
CN108184210A (en) A kind of multimode intelligent wireless communication system and its implementation based on multi-internet integration
CN102780780B (en) Method, equipment and system for data processing in cloud computing mode
CN106453649A (en) File transmission method and device
CN106469273A (en) Background traffic monitor processing method and system
CN110535842A (en) A kind of mimicry security system and method based on sampling Detection
CN112002352B (en) Random music playing method and device, computer equipment and storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170215

RJ01 Rejection of invention patent application after publication